Menu
▾
▴
Re: [Ejbca-develop] Antwort: External OCSP server responder problem
|
From: Tomas G. <to...@pr...> - 2013-01-04 11:22:56
|
How did you create it? - Import CA certificate - Create CA, "Signed by External"? If the CAs private key is not in EJBCA, there is no way EJBCA can sign OCSP responses, since they are signed by the CA when using the Internal OCSP Responder. If you have CAs managed outside of EJBCA you should set up an OCSP Responder to answer all your OCSP queries for all your CAs, EJBCA CAs and other CAs. http://www.ejbca.org/installation-ocsp.html /Tomas ********** PrimeKey Solutions AB Anderstorpsvägen 16, 171 54 Solna, Sweden Mob: +46 (0)707421096 Internet: www.primekey.se Twitter: twitter.com/primekeyPKI ********** On 01/04/2013 12:01 PM, Dhaks wrote: > > External CA Meaning in the sense, CA issued by us not in by EJBCA, > with my own CA how to get response from the EJBCA.... > > > Tomas Gustavsson wrote: >> >> >> What do you mean by "External CA"? >> >> How did you create this "External CA" in the first place? >> >> /Tomas >> >> >> ********** >> PrimeKey Solutions AB >> Anderstorpsvägen 16, 171 54 Solna, Sweden >> Mob: +46 (0)707421096 >> Internet: www.primekey.se >> Twitter: twitter.com/primekeyPKI >> ********** >> >> On 01/04/2013 11:11 AM, Dhaks wrote: >>> >>> when activating CA via CA activate the following message giving >>> >>> >>> Message: NICCA2011: CA Activation Successful. >>> Message: CCAIndia2011: CA Activation Successful. >>> Message: NICsub-CA_for_NIC_2011: CA Activation Successful. >>> >>> >>> But it is not activating the CA >>> we are struggling for this past one month. >>> i hope u will give right solution to solve it >>> >>> Hi, >>> >>> have you activated the CA via "CA Activation"? >>> >>> Patrick >>> >>> >>> http://www.kaufland.de >>> http://www.spannende-it.de >>> >>> Wir bleiben die Nr. 1: >>> Kaufland ist "Bester Lebensmittelmarkt 2012"! >>> >>> Kaufland Informationssysteme GmbH & Co. KG >>> Postfach 12 53 - 74149 Neckarsulm >>> Kommanditgesellschaft >>> Sitz: Neckarsulm >>> Registergericht: Stuttgart HRA 104163 >>> >>> >>> >>> >>> >>> >>> >>> Von: Dhaks <g....@ni...> >>> An: ejb...@li... >>> Datum: 04.01.2013 05:08 >>> Betreff: [Ejbca-develop] External OCSP server responder problem >>> >>> >>> >>> >>> When we are trying to get response status for CA which is issued by EJBCA >>> ,it's working fine from the OCSP Client(Using openSSL command), But >>> trying >>> with External CA which is already imported into ejbca database ,it's >>> throwing NULL Pointer exception in server side log where as client side >>> getting the below error >>> >>> "ERROR QUERYING OCSP RESPONDER" >>> and EJBCA AdminGUI the CA shows "CA not active" >>> >>> Server Side Error is in blow >>> >>> >>> >>> Error processing OCSP request. Message: java.lang.RuntimeException: >>> java.lang.NullPointerException. >>> javax.ejb.EJBException: java.lang.RuntimeException: >>> java.lang.NullPointerException >>> at >>> org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:77) >>> at org.jboss.aspects.tx.TxPolicy.invokeInOurTx >>> (TxPolicy.java:83) >>> at >>> org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:190) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.aspects.tx.TxPropagationInterceptor.invoke >>> (TxPropagationInterceptor.java:76) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at org.jboss.ejb3.tx.NullInterceptor.invoke >>> (NullInterceptor.java:42) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.security.RoleBasedAuthorizationInterceptorv2.invoke >>> (RoleBasedAuthorizationInterceptorv2.java:201) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke >>> (Ejb3AuthenticationInterceptorv2.java:186) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.ENCPropagationInterceptor.invoke >>> (ENCPropagationInterceptor.java:41) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke >>> (BlockContainerShutdownInterceptor.java:67) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke >>> (CurrentInvocationInterceptor.java:67) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.session.SessionSpecContainer.invoke >>> (SessionSpecContainer.java:176) >>> at >>> org.jboss.ejb3.session.SessionSpecContainer.invoke >>> (SessionSpecContainer.java:216) >>> at >>> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke >>> (SessionProxyInvocationHandlerBase.java:207) >>> at >>> org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke >>> (SessionProxyInvocationHandlerBase.java:164) >>> at $Proxy492.extendedService(Unknown Source) >>> at >>> org.ejbca.ui.web.protocol.OCSPServlet.extendedService(OCSPServlet.java:60) >>> at >>> org.ejbca.ui.web.protocol.OCSPServletBase.signOCSPResponse >>> (OCSPServletBase.java:223) >>> at >>> org.ejbca.ui.web.protocol.OCSPServletBase.serviceOCSP >>> (OCSPServletBase.java:905) >>> at >>> org.ejbca.ui.web.protocol.OCSPServletBase.doPost(OCSPServletBase.java:375) >>> at javax.servlet.http.HttpServlet.service >>> (HttpServlet.java:637) >>> at javax.servlet.http.HttpServlet.service >>> (HttpServlet.java:717) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter >>> (ApplicationFilterChain.java:290) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter >>> (ApplicationFilterChain.java:206) >>> at >>> org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter >>> (ReplyHeaderFilter.java:96) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter >>> (ApplicationFilterChain.java:235) >>> at >>> org.apache.catalina.core.ApplicationFilterChain.doFilter >>> (ApplicationFilterChain.java:206) >>> at >>> org.apache.catalina.core.StandardWrapperValve.invoke >>> (StandardWrapperValve.java:235) >>> at >>> org.apache.catalina.core.StandardContextValve.invoke >>> (StandardContextValve.java:191) >>> at >>> org.jboss.web.tomcat.security.SecurityAssociationValve.invoke >>> (SecurityAssociationValve.java:190) >>> at >>> org.apache.catalina.authenticator.AuthenticatorBase.invoke >>> (AuthenticatorBase.java:433) >>> at >>> org.jboss.web.tomcat.security.JaccContextValve.invoke >>> (JaccContextValve.java:92) >>> at >>> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process >>> (SecurityContextEstablishmentValve.java:126) >>> at >>> org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke >>> (SecurityContextEstablishmentValve.java:70) >>> at >>> org.apache.catalina.core.StandardHostValve.invoke >>> (StandardHostValve.java:127) >>> at >>> org.apache.catalina.valves.ErrorReportValve.invoke >>> (ErrorReportValve.java:102) >>> at >>> org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke >>> (CachedConnectionValve.java:158) >>> at >>> org.apache.catalina.core.StandardEngineValve.invoke >>> (StandardEngineValve.java:109) >>> at >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) >>> at >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) >>> at >>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process >>> (Http11Protocol.java:598) >>> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run >>> (JIoEndpoint.java:447) >>> at java.lang.Thread.run(Thread.java:679) >>> Caused by: java.lang.RuntimeException: java.lang.NullPointerException >>> at org.ejbca.core.model.ca.caadmin.CA.getExtendedCAService >>> (CA.java:856) >>> at org.ejbca.core.model.ca.caadmin.CA.extendedService >>> (CA.java:753) >>> at >>> org.ejbca.core.ejb.ca.caadmin.CAAdminSessionBean.extendedService >>> (CAAdminSessionBean.java:2379) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> sun.reflect.NativeMethodAccessorImpl.invoke >>> (NativeMethodAccessorImpl.java:57) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke >>> (DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:616) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeTarget >>> (MethodInvocation.java:122) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:111) >>> at >>> org.jboss.ejb3.EJBContainerInvocationWrapper.invokeNext >>> (EJBContainerInvocationWrapper.java:69) >>> at >>> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.invoke >>> (InterceptorSequencer.java:73) >>> at >>> org.jboss.ejb3.interceptors.aop.InterceptorSequencer.aroundInvoke >>> (InterceptorSequencer.java:59) >>> at sun.reflect.GeneratedMethodAccessor421.invoke(Unknown >>> Source) >>> at >>> sun.reflect.DelegatingMethodAccessorImpl.invoke >>> (DelegatingMethodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:616) >>> at >>> org.jboss.aop.advice.PerJoinpointAdvice.invoke(PerJoinpointAdvice.java:174) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.fillMethod >>> (InvocationContextInterceptor.java:72) >>> at >>> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_fillMethod_1089614993.invoke >>> (InvocationContextInterceptor_z_fillMethod_1089614993.java) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor.setup >>> (InvocationContextInterceptor.java:88) >>> at >>> org.jboss.aop.advice.org.jboss.ejb3.interceptors.aop.InvocationContextInterceptor_z_setup_1089614993.invoke >>> (InvocationContextInterceptor_z_setup_1089614993.java) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.connectionmanager.CachedConnectionInterceptor.invoke >>> (CachedConnectionInterceptor.java:62) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke >>> (TransactionScopedEntityManagerInterceptor.java:56) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.AllowedOperationsInterceptor.invoke >>> (AllowedOperationsInterceptor.java:47) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at org.jboss.ejb3.tx.NullInterceptor.invoke >>> (NullInterceptor.java:42) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at >>> org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke >>> (StatelessInstanceInterceptor.java:68) >>> at >>> org.jboss.aop.joinpoint.MethodInvocation.invokeNext >>> (MethodInvocation.java:102) >>> at org.jboss.aspects.tx.TxPolicy.invokeInOurTx >>> (TxPolicy.java:79) >>> ... 48 more >>> Caused by: java.lang.NullPointerException >>> at org.ejbca.core.model.ca.caadmin.CA.getExtendedCAService >>> (CA.java:833) >>> ... 81 more >>> 2013-01-02 10:59:23,693 DEBUG >>> [org.ejbca.core.protocol.ocsp.TransactionLogger] (http-0.0.0.0-8080-1) >>> e06da8407f000101438312ce13be698a;2;0;0"10.163.14.49";"0";"0";0;"2013-01-02:05:29:23:GMT";94;1;0;0;0;0;0;0;0;"C=IN,O=National >>> >>> Informatics Centre,OU=Sub-CA,CN=NIC sub-CA for NIC >>> 2011";0c7558aee8c0ae3da9d64337ffb572a33f8b9f8a;fa800f1cfc73a4c7699013aeef3c10adaaaf1984;1.3.14.3.2.26;1101cda5343cbf30436b;0 >>> >>> e06da8407f000101438312ce13be698a;2;2;0"10.163.14.49";"0";"0";0;"2013-01-02:05:29:23:GMT";94;1;0;0;0;0;0;0;0;"C=IN,O=National >>> >>> Informatics Centre,OU=Sub-CA,CN=NIC sub-CA for NIC >>> 2011";0c7558aee8c0ae3da9d64337ffb572a33f8b9f8a;fa800f1cfc73a4c7699013aeef3c10adaaaf1984;1.3.14.3.2.26;1101cda5343cbf30436b;0 >>> >>> >>> >>> Is there any solution for above problem, >>> >>> Thanks in Advance >>> >>> >>> >>> >>> >>> -- >>> View this message in context: >>> http://old.nabble.com/External-OCSP-server-responder-problem-tp34850381p34850381.html >>> >>> Sent from the EjbCA - Dev mailing list archive at Nabble.com. >>> >>> >>> ------------------------------------------------------------------------------ >>> >>> Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and >>> much more. Get web development skills now with LearnDevNow - >>> 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. >>> SALE $99.99 this month only -- learn more at: >>> http://p.sf.net/sfu/learnmore_122812 >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejb...@li... >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >>> ------------------------------------------------------------------------------ >>> Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and >>> much more. Get web development skills now with LearnDevNow - >>> 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. >>> SALE $99.99 this month only -- learn more at: >>> http://p.sf.net/sfu/learnmore_122812 >>> _______________________________________________ >>> Ejbca-develop mailing list >>> Ejb...@li... >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >>> >>> >>> >> >> ------------------------------------------------------------------------------ >> Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and >> much more. Get web development skills now with LearnDevNow - >> 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. >> SALE $99.99 this month only -- learn more at: >> http://p.sf.net/sfu/learnmore_122812 >> _______________________________________________ >> Ejbca-develop mailing list >> Ejb...@li... >> https://lists.sourceforge.net/lists/listinfo/ejbca-develop >> >> > |
